From vda.linux at googlemail.com Mon Jan 1 21:24:42 2024 From: vda.linux at googlemail.com (Denys Vlasenko) Date: Mon, 1 Jan 2024 22:24:42 +0100 Subject: [git commit] time: implement %% and \escapes in -f FMT Message-ID: <20240101212524.92D8A83B75@busybox.osuosl.org> commit: https://git.busybox.net/busybox/commit/?id=1cac2585217f830d29f7e9d2a1226d55c80886b6 branch: https://git.busybox.net/busybox/commit/?id=refs/heads/master function old new delta time_main 1217 1316 +99 Signed-off-by: Denys Vlasenko --- miscutils/time.c | 39 ++++++++++++++++++--------------------- testsuite/time.tests | 37 +++++++++++++++++++++++++++++++++++++ 2 files changed, 55 insertions(+), 21 deletions(-) diff --git a/miscutils/time.c b/miscutils/time.c index 4b1b043c3..77d35a832 100644 --- a/miscutils/time.c +++ b/miscutils/time.c @@ -226,28 +226,19 @@ static void summarize(const char *fmt, char **command, resource_t *resp) } switch (*fmt) { -#ifdef NOT_NEEDED - /* Handle literal char */ - /* Usually we optimize for size, but there is a limit - * for everything. With this we do a lot of 1-byte writes */ - default: - bb_putchar(*fmt); - break; -#endif - case '%': switch (*++fmt) { -#ifdef NOT_NEEDED_YET - /* Our format strings do not have these */ - /* and we do not take format str from user */ default: - bb_putchar('%'); + /* Unknown % is printed as "?" */ + bb_putchar('?'); + if (!*fmt) { + /* Trailing -f '...%' prints "...?" but NOT newline */ + goto ret; + } /*FALLTHROUGH*/ case '%': - if (!*fmt) goto ret; bb_putchar(*fmt); break; -#endif case 'C': /* The command that got timed. */ printargv(command); break; @@ -381,14 +372,21 @@ static void summarize(const char *fmt, char **command, resource_t *resp) } break; -#ifdef NOT_NEEDED_YET - case '\\': /* Format escape. */ + default: /* *fmt is '\': format escape */ switch (*++fmt) { default: + /* Unknown \ is printed as "?\" */ + bb_putchar('?'); bb_putchar('\\'); + if (!*fmt) { + /* Trailing -f '...\': GNU time 1.9 prints + * "...?\COMMAND" (it's probably a bug). + */ + puts(command[0]); + goto ret; + } /*FALLTHROUGH*/ case '\\': - if (!*fmt) goto ret; bb_putchar(*fmt); break; case 't': @@ -399,12 +397,11 @@ static void summarize(const char *fmt, char **command, resource_t *resp) break; } break; -#endif } ++fmt; } - /* ret: */ bb_putchar('\n'); + ret: ; } /* Run command CMD and return statistics on it. @@ -438,7 +435,7 @@ int time_main(int argc, char **argv) MAIN_EXTERNALLY_VISIBLE; int time_main(int argc UNUSED_PARAM, char **argv) { resource_t res; - /* $TIME has lowest prio (-v,-p,-f FMT overrride it) */ + /* $TIME has lowest prio (-v,-p,-f FMT override it) */ const char *output_format = getenv("TIME") ? : default_format; char *output_filename; int output_fd; diff --git a/testsuite/time.tests b/testsuite/time.tests new file mode 100755 index 000000000..4e31b3868 --- /dev/null +++ b/testsuite/time.tests @@ -0,0 +1,37 @@ +#!/bin/sh + +# Copyright 2024 by Denys Vlasenko +# Licensed under GPLv2, see file LICENSE in this source tree. + +. ./testing.sh + +# testing "description" "arguments" "result" "infile" "stdin" + +testing "time -f trailing backslash" \ + "time -f 'abc\' sleep 0 2>&1" \ + 'abc?\sleep\n' '' '' +# ^^^^^^^^^^^^^^ this is what GNU time version 1.9 prints + +testing "time -f trailing percent" \ + "time -f 'abc%' sleep 0 2>&1" \ + 'abc?' '' '' + +testing "time -f undefined backslash" \ + "time -f 'abc\^def' sleep 0 2>&1" \ + 'abc?\^def\n' '' '' + +testing "time -f undefined percent" \ + "time -f 'abc%^def' sleep 0 2>&1" \ + 'abc?^def\n' '' '' + +testing "time -f backslash tab and newline" \ + "time -f 'abc\ndef\txyz' sleep 0 2>&1" \ + 'abc +def xyz +' '' '' + +testing "time -f percent percent" \ + "time -f 'abc%%def' sleep 0 2>&1" \ + 'abc%def\n' '' '' + +exit $FAILCOUNT From vda.linux at googlemail.com Mon Jan 1 23:58:56 2024 From: vda.linux at googlemail.com (Denys Vlasenko) Date: Tue, 2 Jan 2024 00:58:56 +0100 Subject: [git commit] sed: check errors writing file with sed -i Message-ID: <20240101235909.9B7CA83B77@busybox.osuosl.org> commit: https://git.busybox.net/busybox/commit/?id=5dc9ece3b9e87af0dcb01449821ac827391ac116 branch: https://git.busybox.net/busybox/commit/?id=refs/heads/master sed would currently not error if write failed when modifying a file. This can be reproduced with the following 'script': $ sudo mount -t tmpfs tmpfs -o size=1M /tmp/m $ sudo chmod 777 /tmp/m $ echo foo > /tmp/m/foo $ dd if=/dev/zero of=/tmp/m/fill bs=4k dd: error writing '/tmp/m/fill': No space left on device 256+0 records in 255+0 records out 1044480 bytes (1.0 MB, 1020 KiB) copied, 0.00234567 s, 445 MB/s $ busybox sed -i -e 's/.*/bar/' /tmp/m/foo $ echo $? 0 $ cat /tmp/m/foo new behaviour: $ echo foo > /tmp/m/foo $ ./busybox sed -i -e 's/.*/bar/' /tmp/m/foo sed: write error $ echo $? 4 $ cat /tmp/m/foo foo function old new delta sed_main 754 801 +47 ------------------------------------------------------------------------------ (add/remove: 0/0 grow/shrink: 1/0 up/down: 47/0) Total: 47 bytes text data bss dec hex filename 75727 2510 1552 79789 137ad busybox_old 75774 2510 1552 79836 137dc busybox_unstripped Signed-off-by: Dominique Martinet Signed-off-by: Denys Vlasenko --- editors/sed.c | 5 +++++ 1 file changed, 5 insertions(+) diff --git a/editors/sed.c b/editors/sed.c index 00dde60be..6179c5e80 100644 --- a/editors/sed.c +++ b/editors/sed.c @@ -1648,6 +1648,11 @@ int sed_main(int argc UNUSED_PARAM, char **argv) fchown(nonstdoutfd, statbuf.st_uid, statbuf.st_gid); process_files(); + fflush(G.nonstdout); + if (ferror(G.nonstdout)) { + xfunc_error_retval = 4; /* It's what gnu sed exits with... */ + bb_simple_error_msg_and_die(bb_msg_write_error); + } fclose(G.nonstdout); G.nonstdout = stdout; From bugzilla at busybox.net Thu Jan 4 20:28:33 2024 From: bugzilla at busybox.net (bugzilla at busybox.net) Date: Thu, 04 Jan 2024 20:28:33 +0000 Subject: [Bug 15907] New: nslookup fails with IPv6 name server in resolv.conf the has a comment Message-ID: https://bugs.busybox.net/show_bug.cgi?id=15907 Bug ID: 15907 Summary: nslookup fails with IPv6 name server in resolv.conf the has a comment Product: Busybox Version: 1.35.x Hardware: All OS: Linux Status: NEW Severity: normal Priority: P5 Component: Networking Assignee: unassigned at busybox.net Reporter: heyscar at yahoo.com CC: busybox-cvs at busybox.net Target Milestone: --- Created attachment 9691 --> https://bugs.busybox.net/attachment.cgi?id=9691&action=edit packet capture. 3 frames. 1 & 2 are what should be, 3 is nslookup the nslookup client seems to not parse the resolv.conf entry correctly when the name server entry has a # comment in the string for example: nameserver 2001:1868:209:fff7:2185:39d8:332c:3eed # vlan1 When you try to perform nslookup google.com for example, the DNS lookup frame will contain a Queries entry for the name server instead of the string "google.com" 2001:1868:209:fff7:2185:39d8:332c:3eed # vlan1.scar.scarnet.com: type AAAA, class IN -- You are receiving this mail because: You are on the CC list for the bug. From bugzilla at busybox.net Tue Jan 16 15:19:21 2024 From: bugzilla at busybox.net (bugzilla at busybox.net) Date: Tue, 16 Jan 2024 15:19:21 +0000 Subject: [Bug 15913] New: watchdog suggests can specify reboot time in ms, when only seconds handled Message-ID: https://bugs.busybox.net/show_bug.cgi?id=15913 Bug ID: 15913 Summary: watchdog suggests can specify reboot time in ms, when only seconds handled Product: Busybox Version: unspecified Hardware: All OS: All Status: NEW Severity: minor Priority: P5 Component: Other Assignee: unassigned at busybox.net Reporter: griscom at suitable.com CC: busybox-cvs at busybox.net Target Milestone: --- The watchdog applet's help text and CLI strongly suggests that you can specify the reboot time down to ms: > BusyBox v1.36.1 (2024-01-12 09:58:58 EST) multi-call binary. > > Usage: watchdog [-t N[ms]] [-T N[ms]] [-F] DEV > > Periodically write to watchdog device DEV > > -T N Reboot after N seconds if not reset (default 60) > -t N Reset every N seconds (default 30) > -F Run in foreground > > Use 500ms to specify period in milliseconds (Using old version, but I confirmed this hasn't changed in latest version.) However, the tool immediately divides the ms by 1000 and then uses that (as the watchdog API only supports seconds). This is confusing. Suggestions: 1) Change the "-T" argument to only take integer seconds, and change help appropriately. This would be the cleanest solution, except that there are probably existing installations using "-T 10000ms" that would be broken. 2) Change help text to make it clear that the "-T" argument should be integer seconds: > BusyBox v1.36.1 (2024-01-12 09:58:58 EST) multi-call binary. > > Usage: watchdog [-t N[ms]] [-T N] [-F] DEV > > Periodically write to watchdog device DEV > > -T N Reboot after N seconds if not reset (default 60) > -t N Reset every N seconds (default 30); add ms suffix to specify > period in milliseconds > -F Run in foreground -- You are receiving this mail because: You are on the CC list for the bug. From bugzilla at busybox.net Wed Jan 17 23:16:00 2024 From: bugzilla at busybox.net (bugzilla at busybox.net) Date: Wed, 17 Jan 2024 23:16:00 +0000 Subject: [Bug 15919] New: ipcalc IPv6 support Message-ID: https://bugs.busybox.net/show_bug.cgi?id=15919 Bug ID: 15919 Summary: ipcalc IPv6 support Product: Busybox Version: unspecified Hardware: All OS: Linux Status: NEW Severity: normal Priority: P5 Component: Networking Assignee: unassigned at busybox.net Reporter: busybox at andr04.ru CC: busybox-cvs at busybox.net Target Milestone: --- There's no ipv6 support. On the input, it returns: ipcalc: number 64 is not in 0..32 range ipcalc: bad IP address: 2a05:f480:*** It's time to prioritize IPv6 support. -- You are receiving this mail because: You are on the CC list for the bug. From bugzilla at busybox.net Sat Jan 20 21:09:18 2024 From: bugzilla at busybox.net (bugzilla at busybox.net) Date: Sat, 20 Jan 2024 21:09:18 +0000 Subject: [Bug 15922] New: ANSI terminal injection possible in netstat Message-ID: https://bugs.busybox.net/show_bug.cgi?id=15922 Bug ID: 15922 Summary: ANSI terminal injection possible in netstat Product: Busybox Version: unspecified Hardware: All OS: Linux Status: NEW Severity: normal Priority: P5 Component: Networking Assignee: unassigned at busybox.net Reporter: rbranco at suse.com CC: busybox-cvs at busybox.net Target Milestone: --- The following code displays a X as the title of an ANSI terminal. Without the final '\007' the terminal can be locked up. I think the project in general would benefit from an audit of every line using /proc/*/cmdline, /proc/*/comm, /proc/*/environ and even the symlinks /proc/*/exe & cwd. $ cat > a.c << EOF #include #include #include #include #include #include #include int main(int argc, char *argv[]) { struct sockaddr_in sin; int s; if ((s = socket(AF_INET, SOCK_DGRAM, 0)) < 0) err(1, "socket()"); memset(&sin, 0, sizeof(sin)); sin.sin_family = AF_INET; sin.sin_addr.s_addr = INADDR_ANY; if (bind(s, (struct sockaddr*)&sin, sizeof(sin)) < 0) err(1, "bind()"); strcpy(argv[0], "/\033]0;X\007"); while (1) sleep(3600); } EOF $ unset PROMPT_COMMAND $ cc a.c $ ./a.out & $ netstat -aup -- You are receiving this mail because: You are on the CC list for the bug. From bugzilla at busybox.net Sun Jan 21 20:28:40 2024 From: bugzilla at busybox.net (bugzilla at busybox.net) Date: Sun, 21 Jan 2024 20:28:40 +0000 Subject: [Bug 15925] New: [Website] RSS / Atom support to be notified about the next tags version ? Message-ID: https://bugs.busybox.net/show_bug.cgi?id=15925 Bug ID: 15925 Summary: [Website] RSS / Atom support to be notified about the next tags version ? Product: Busybox Version: unspecified Hardware: All OS: Linux Status: NEW Severity: normal Priority: P5 Component: Website Assignee: unassigned at busybox.net Reporter: dark_footix at yahoo.fr CC: busybox-cvs at busybox.net Target Milestone: --- Hello Busybox, I am impatient about waiting for the next tag of busybox. I was looking for a way to be notified when the next tag will be available, but I can't find a method to track the evolution of this webpage https://git.busybox.net/busybox/refs/tags I tried to find RSS or Atom feed, but I failed. I tried to create an automatic feed on https://git.busybox.net/busybox/refs/tags with https://feedmix.novaclic.com/, but I failed too. It seems the website is in cgit, and cgit would have the option to enable to propose an RSS URL, could it be enable? Or is there an easier way? Thank you Frederic -- You are receiving this mail because: You are on the CC list for the bug. From bugzilla at busybox.net Thu Jan 25 00:50:34 2024 From: bugzilla at busybox.net (bugzilla at busybox.net) Date: Thu, 25 Jan 2024 00:50:34 +0000 Subject: [Bug 15871] [busybox 1.36.1] use-after-free in awk In-Reply-To: References: Message-ID: https://bugs.busybox.net/show_bug.cgi?id=15871 --- Comment #3 from Valery Ushakov --- The result of OC_REPLACE may be a TEMPVAR0 via L.v res = setvar_i(((opinfo & OPCLSMASK) == OC_BINARY) ? res : L.v, ...); -- You are receiving this mail because: You are on the CC list for the bug. From bugzilla at busybox.net Thu Jan 25 00:57:18 2024 From: bugzilla at busybox.net (bugzilla at busybox.net) Date: Thu, 25 Jan 2024 00:57:18 +0000 Subject: [Bug 15874] [busybox 1.36.1] heap-buffer-overflow in awk In-Reply-To: References: Message-ID: https://bugs.busybox.net/show_bug.cgi?id=15874 Valery Ushakov changed: What |Removed |Added ---------------------------------------------------------------------------- CC| |uwe at NetBSD.org --- Comment #2 from Valery Ushakov --- Created attachment 9697 --> https://bugs.busybox.net/attachment.cgi?id=9697&action=edit [PATCH] awk.c: fix CVE-2023-42366 (bug #15874) -- You are receiving this mail because: You are on the CC list for the bug. From bugzilla at busybox.net Thu Jan 25 01:03:18 2024 From: bugzilla at busybox.net (bugzilla at busybox.net) Date: Thu, 25 Jan 2024 01:03:18 +0000 Subject: [Bug 15868] [busybox 1.36.1] use-after-free in awk In-Reply-To: References: Message-ID: https://bugs.busybox.net/show_bug.cgi?id=15868 Valery Ushakov changed: What |Removed |Added ---------------------------------------------------------------------------- CC| |uwe at NetBSD.org --- Comment #2 from Valery Ushakov --- Seems to be the duplicate of bug #15871, just the "use" part happens in a different place. The result of OC_REPLACE may be a TEMPVAR0 via L.v res = setvar_i(((opinfo & OPCLSMASK) == OC_BINARY) ? res : L.v, ...); -- You are receiving this mail because: You are on the CC list for the bug. From bugzilla at busybox.net Thu Jan 25 01:21:25 2024 From: bugzilla at busybox.net (bugzilla at busybox.net) Date: Thu, 25 Jan 2024 01:21:25 +0000 Subject: [Bug 15865] [busybox 1.36.1] use-after-free in awk In-Reply-To: References: Message-ID: https://bugs.busybox.net/show_bug.cgi?id=15865 Valery Ushakov changed: What |Removed |Added ---------------------------------------------------------------------------- CC| |uwe at NetBSD.org --- Comment #2 from Valery Ushakov --- The relevant part of input that triggers the problem seems to be lines 17 and 18. -- You are receiving this mail because: You are on the CC list for the bug. From bugzilla at busybox.net Thu Jan 25 01:36:15 2024 From: bugzilla at busybox.net (bugzilla at busybox.net) Date: Thu, 25 Jan 2024 01:36:15 +0000 Subject: [Bug 15880] [busybox 1.36.1] use-after-free in awk In-Reply-To: References: Message-ID: https://bugs.busybox.net/show_bug.cgi?id=15880 Valery Ushakov changed: What |Removed |Added ---------------------------------------------------------------------------- CC| |uwe at NetBSD.org --- Comment #2 from Valery Ushakov --- Seems to be the duplicate of bug #15871, just the "use" part happens in a different place. The result of OC_REPLACE may be a TEMPVAR0 via L.v res = setvar_i(((opinfo & OPCLSMASK) == OC_BINARY) ? res : L.v, ...); -- You are receiving this mail because: You are on the CC list for the bug. From bugzilla at busybox.net Mon Jan 29 12:13:22 2024 From: bugzilla at busybox.net (bugzilla at busybox.net) Date: Mon, 29 Jan 2024 12:13:22 +0000 Subject: [Bug 15928] New: udhcpc6 -O option data not added as environment data when processing returned server response Message-ID: https://bugs.busybox.net/show_bug.cgi?id=15928 Bug ID: 15928 Summary: udhcpc6 -O option data not added as environment data when processing returned server response Product: Busybox Version: 1.36.x Hardware: All OS: Linux Status: NEW Severity: normal Priority: P5 Component: Networking Assignee: unassigned at busybox.net Reporter: bugzilla at traho.net CC: busybox-cvs at busybox.net Target Milestone: --- Created attachment 9700 --> https://bugs.busybox.net/attachment.cgi?id=9700&action=edit Patch to encode option data as hex string oin env variable if not directly supported in dhcpv6 client Using busybox v1.36.1 When running a DHCPv6 client and adding user defined options, using the -O, on the udhcpc6 command line, the data returned by the DHCP server is not accessible in the script defined in the -s command line option. The use of the -O option works for DHCPv4 clients with the option data being processed and exposed as an environment variable. E.g. with "-O 143" on the command line any returned data would be encoded as a hex string under the variable opt143, which is in turn accessible in the script referenced by the -s CLI option (as $opt143). This does not seem to be implemented for the DHCPv6 client. To address this I have created a local patch file that replicates the behavior I observed with DHCPv4 (see attachment) I hope this can be used to address this bug... -- You are receiving this mail because: You are on the CC list for the bug. From bugzilla at busybox.net Mon Jan 29 15:40:54 2024 From: bugzilla at busybox.net (bugzilla at busybox.net) Date: Mon, 29 Jan 2024 15:40:54 +0000 Subject: [Bug 15931] New: CBQ support removed from Linux kernel Message-ID: https://bugs.busybox.net/show_bug.cgi?id=15931 Bug ID: 15931 Summary: CBQ support removed from Linux kernel Product: Busybox Version: 1.36.x Hardware: All OS: Linux Status: NEW Severity: normal Priority: P5 Component: Networking Assignee: unassigned at busybox.net Reporter: spotrh at gmail.com CC: busybox-cvs at busybox.net Target Milestone: --- I noticed that networking/tc.c was failing to build against current Linux kernel headers, because CBQ support was removed: https://github.com/torvalds/linux/commit/33241dca486264193ed68167c8eeae1fb197f3df iproute2 responded to the removal by deleting all CBQ related functionality: https://github.com/iproute2/iproute2/commit/07ba0af3fee132eddc1c2eab643ff4910181c993 A similar approach in tc.c may be appropriate, but I defer to your wisdom. -- You are receiving this mail because: You are on the CC list for the bug. From bugzilla at busybox.net Tue Jan 30 10:30:16 2024 From: bugzilla at busybox.net (bugzilla at busybox.net) Date: Tue, 30 Jan 2024 10:30:16 +0000 Subject: [Bug 15934] New: Busybox fails to build with linux kernels >= 6.8 Message-ID: https://bugs.busybox.net/show_bug.cgi?id=15934 Bug ID: 15934 Summary: Busybox fails to build with linux kernels >= 6.8 Product: Busybox Version: 1.36.x Hardware: All OS: Linux Status: NEW Severity: normal Priority: P5 Component: Networking Assignee: unassigned at busybox.net Reporter: br015 at umbiko.net CC: busybox-cvs at busybox.net Target Milestone: --- Linux kernel 6.8 removed a number of traffic control related symbols from include/uapi/linux/pkt_sched.h [1]. When using kernel 6.8 headers, compilation of tc.c fails with: networking/tc.c: In function ?cbq_print_opt?: networking/tc.c:236:27: error: ?TCA_CBQ_MAX? undeclared (first use in this function); did you mean ?TCA_CBS_MAX?? 236 | struct rtattr *tb[TCA_CBQ_MAX+1]; | ^~~~~~~~~~~ | TCA_CBS_MAX Temporary workaround: remove tc from the build with: # CONFIG_TC is not defined [1] https://lore.kernel.org/all/20231223140154.1319084-1-jhs at mojatatu.com/T/ -- You are receiving this mail because: You are on the CC list for the bug. From bugzilla at busybox.net Wed Jan 31 01:44:49 2024 From: bugzilla at busybox.net (bugzilla at busybox.net) Date: Wed, 31 Jan 2024 01:44:49 +0000 Subject: [Bug 15865] [busybox 1.36.1] use-after-free in awk In-Reply-To: References: Message-ID: https://bugs.busybox.net/show_bug.cgi?id=15865 --- Comment #3 from Valery Ushakov --- So, the bug is triggered by lines 17 and 18 in the input, b/c the END rule is mangled by the fuzzer to have weird code where collected languages are processed. Line 128 of the mangled awk program is: macros[i] = "CL_" langs[i], gsub( "[^A-Za-z0-9_]", "X", macros[i] ) and all awks reject that use of comma as a syntax error, but busybox awk accepts it. As far as I can tell, this bug can be reproduced with something like: $ awk 'BEGIN { v = "abc", gsub("b", "X", v); print v }' aXc (use asan/valgrind to taste). -- You are receiving this mail because: You are on the CC list for the bug.